Either by sending a code to SMS or Email, you are able to sign into your account without ever needing to or being able to add a password. Why has this become a thing recently?
Either by sending a code to SMS or Email, you are able to sign into your account without ever needing to or being able to add a password. Why has this become a thing recently?
But that’s what MFA is there for, although they shouldn’t be using SMS as one of the possible factors - let alone the main one, as seems to be the case.
Yeah but your password on my product with MFA is probably used everywhere else without MFA. Most products have a low risk security profile so they don’t want to be the leak for higher risk stuff.